The Attic Network - Remote Lookup Functions
Host, ping, traceroute, GeoIP lookup, WHOIS and dig information
Results may take a few moments to be displayed.
Hide host information";
echo '' . "\n" . '
' . "\n" . 'Host Information for: ' . $trace_ip_addr . "\n\n";
system('host '. $trace_ip_addr);
echo '
' . "\n" . '
Host lookup complete.
' . "\n" . '
' . "\n" . '
';
}
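//Ping test
// Runs when the form posted ping=yes: sends a bounded number of ICMP echo requests to the
// target and prints the raw output of the ping binary.
// NOTE(review): $trace_ip_addr is assigned before this section (not visible here). It is
// concatenated unquoted into the shell command and echoed into the page; confirm it is
// validated as a hostname/IP and escaped for both contexts where it is set.
if (isset($_POST['ping']) && $_POST['ping'] === 'yes') {
    // pingcount is client-supplied and lands on a command line, so it is accepted only as an
    // integer. The previous code computed the 20-packet cap and then overwrote it with
    // escapeshellcmd($_POST['pingcount']), so the cap never applied; escapeshellcmd() also
    // leaves spaces and dashes untouched, so it does not stop extra arguments being added.
    $requestedCount = filter_var(
        isset($_POST['pingcount']) ? $_POST['pingcount'] : null,
        FILTER_VALIDATE_INT
    );
    if ($requestedCount === false || $requestedCount < 1) {
        // Missing, non-numeric or non-positive input: fall back to a single packet.
        $requestedCount = 1;
    }
    //Limit it off at 20 ping packets
    $sendping = min($requestedCount, 20);

    //Display the results
    echo "Hide ping results";
    echo "\n\n\n" . 'Ping result to: ' . $trace_ip_addr . "\n\n";
    // $sendping is an integer between 1 and 20 at this point.
    system('ping -c ' . $sendping . ' ' . $trace_ip_addr);
    echo "\n\n\nPing complete.\n";

    // Warning that they sent a lot of packets
    if ($requestedCount > 20) {
        echo "\nWARNING!Do you really need to send more than 20 ping packets? REALLY? That's nice, do it from your desktop. We have limited it off to 20 packets.";
    }

    //Close the box
    echo "\n\n\n\n";
}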
//Traceroute info
// Runs when the form posted traceroute=yes: prints a heading, passes through the raw output
// of the traceroute binary for the target, then prints the closing text.
// NOTE(review): $trace_ip_addr is assigned outside this section and is concatenated unquoted
// into the shell command; confirm it is validated and shell-escaped where it is set.
if ('yes' == $_POST['traceroute']) {
    echo "Hide tracert results", "\n\n\nTracing route to: ", $trace_ip_addr, "\n\n";
    system("traceroute {$trace_ip_addr}");
    echo "\n\n\nTrace complete.\n\n\n\n\n";
}
//GeoIP lookup
// Runs when the form posted geoip=yes: looks the target up with geoip_record_by_name() and
// dumps the returned record with print_r() between a heading and the closing text.
// NOTE(review): $trace_ip_addr is assigned outside this section and is echoed into the page
// as-is; confirm it is HTML-escaped or validated where it is set.
if ('yes' == $_POST['geoip']) {
    // The lookup runs before anything is printed, as in the original ordering.
    $geoinfo = geoip_record_by_name("{$trace_ip_addr}");
    echo "Hide GeoIP Information", "\n\n\nRaw GeoIP information for: ", $trace_ip_addr, "\n\n";
    print_r($geoinfo);
    echo "\n\n\nLookup complete.\n\n\n\n\n";
}
//Whois Information
// Runs when the form posted whois=yes: prints a heading, passes through the raw output of the
// whois binary for the target, then prints the closing text.
// NOTE(review): $trace_ip_addr is assigned outside this section and is concatenated unquoted
// into the shell command; confirm it is validated and shell-escaped where it is set.
if ('yes' == $_POST['whois']) {
    echo "Hide Whois results", "\n\n\nWhois information for: ", $trace_ip_addr, "\n\n";
    system("whois {$trace_ip_addr}");
    echo "\n\n\nLookup complete.\n\n\n\n\n";
}
//Quick Info
// Runs when the form posted qinfo=yes: prints the registrar and name-server lines filtered
// out of the whois output, a blank line, and then the output of host for the same target.
// NOTE(review): $trace_ip_addr is assigned outside this section and sits unquoted directly in
// front of a shell pipe here; confirm it is validated and shell-escaped where it is set.
if ('yes' == $_POST['qinfo']) {
    echo "Hide Quick Info results", "\n\n\nQuick information for: ", $trace_ip_addr, "\n\n";
    // The grep pattern stays single-quoted so the backslash reaches grep unchanged.
    system("whois {$trace_ip_addr}" . '| grep "Registrar:\|Name Server"');
    echo "\n";
    system("host {$trace_ip_addr}");
    echo "\n\n\nLookup complete.\n\n\n\n\n";
}
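//Dig lookup
// Runs when the form posted dig=yes: queries the chosen DNS server for the requested record
// type of the target and prints the raw output of the dig binary.
// NOTE(review): $trace_ip_addr is assigned before this section (not visible here). It is
// concatenated unquoted into the shell command and echoed into the page; confirm it is
// validated as a hostname/IP and escaped for both contexts where it is set.
if (isset($_POST['dig']) && $_POST['dig'] === 'yes') {
    //Work out what server to use. Every branch except the fallback takes a client-supplied value.
    $serverChoice = isset($_POST['servername']) ? $_POST['servername'] : '';
    if ($serverChoice === 'defined') {
        $digatserver = isset($_POST['dservername']) ? $_POST['dservername'] : '';
    } elseif ($serverChoice === 'predefined') {
        $digatserver = isset($_POST['pdservername']) ? $_POST['pdservername'] : '';
    } elseif ($serverChoice === 'rootns') {
        $digatserver = isset($_POST['rootnslist']) ? $_POST['rootnslist'] : '';
    } else {
        $digatserver = 'resolver1.opendns.com'; // Worst case fallback (OpenDNS public server)
    }
    $rtype = isset($_POST['rtype']) ? $_POST['rtype'] : '';

    // Both values end up on a command line and in the page. escapeshellcmd() only neutralises
    // shell metacharacters; it leaves spaces and dashes alone, so a crafted value could still
    // add options to dig. An allow-list is used instead: the record type must be a short
    // alphanumeric token and the server must look like a hostname or IP address.
    // NOTE(review): the form that posts rtype is not visible here; widen the pattern if it
    // offers values other than plain record type names.
    $digInputOk = is_string($rtype) && is_string($digatserver)
        && preg_match('/\A[A-Za-z0-9]{1,16}\z/', $rtype) === 1
        && preg_match('/\A[A-Za-z0-9:][A-Za-z0-9.:_-]{0,254}\z/', $digatserver) === 1;

    //Display the results
    echo "Hide Dig Results";
    echo "\n\n\n" . 'Dig information for: ' . $trace_ip_addr . "\n\n";
    if ($digInputOk) {
        // Only the validated values are echoed; the raw POST value is never written to the page.
        echo 'Command run: dig ' . $rtype . ' @' . $digatserver . ' ' . $trace_ip_addr . "\n\n";
        // escapeshellarg() is belt-and-braces on top of the allow-list above.
        system('dig ' . escapeshellarg('@' . $digatserver) . ' ' . escapeshellarg($rtype) . ' ' . $trace_ip_addr);
    } else {
        echo 'Lookup not run: the record type or DNS server name is not valid.' . "\n\n";
    }
    echo "\n\n\nLookup complete.\n\n\n";

    //Provide some helpful information
    if ($rtype === 'PTR') {
        echo "\nDidn't get the reverse results you thought you would see? Make sure you are using the format: xxx.xxx.xxx.xxx.in-addr.arpa - Ensure the IP is backwards! 192.168.0.1 becomes 1.0.168.192.in-addr.arpa";
    }

    //Close the box
    echo "\n\n\n\n";
}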
}
?>